14.1 Providing Security for the Mobile Client

The introduction of handheld devices within the corporate environment can pose a security threat to an organization. Devices no longer store only company contacts; with external cards, they may store up to 60 gigabytes of information or more. Devices also provide a mobile point of entry into the organizational network that is located outside the network security perimeter. It is essential to secure this data if a device is lost or compromised.

Securing a device involves a layered approach. You must secure not only access to the device, but data stored on the device and communications across the network. Most aspects of security for a mobile device must be incorporated before Oracle Database Lite is even involved within the security infrastructure.

Security needs to start with the device itself. Protection of the device must be implemented through PIN or password authentication, biometric readers, and secure digital media for storage, and extends even to how the device is stored, transported, and accounted for.

Once access is gained to the device, further security needs to be implemented within the mobile application to prevent the application from being able to retrieve invalid data. Technologies such as the Microsoft .NET Compact Framework incorporate API calls that may be used to encrypt and decrypt any data that will be stored or retrieved from the device.

Oracle Database Lite provides several security features that may be utilized to help in securing data. These features aid in protecting information both during synchronization and once access to a device has been obtained. The two most important aspects of security provided by Oracle Database Lite for the mobile infrastructure are the following:

14.2 Encrypting the Oracle Lite Database

When you encrypt the Oracle Lite database using any of the encryption techniques in this section, the Oracle Lite database is encrypted using 128-bit Advanced Encryption Standard (AES) encryption. This does not encrypt the data stored within the Oracle Lite database itself; it only encrypts the database as a whole.

In the default server configuration, Mobile clients do not automatically encrypt the snapshot ODB files. The following sections demonstrate how to encrypt the Oracle Lite database:

14.2.1 Configuring for Automatic Encryption of the Oracle Lite Database

The synchronization engine can automatically encrypt the Oracle Lite database used with the Mobile client. To configure for automatic encryption of the snapshot ODB files after initial synchronization, set the ENCRYPTDB parameter in the SYNC section in the POLITE.INI/POLITE.TXT file.

14.2.3 Execute EncrypDB Command to Encrypt Database

As described in Section C.4, "ENCRYPDB", you can execute the encrypdb command on the client to encrypt the Oracle Lite database. If you are using the database as an embedded database and not for synchronization, then you can provide the Mobile user password for the encryption. However, if you are using this database with the Mobile Server for synchronization, do not provide a password, as modifying this password will create an issue for synchronization.

The database on the client—also known as the Oracle Lite database—uses Advanced Encryption Standard (AES) for encrypting the database. However, you can provide your own encryption module for the client database.

The following sections describe how to implement and plug in your own encryption module.

All of the functions in this section are in Windows format. Adjust appropriately if developing in a UNIX environment.

14.3.1.1 Initialize the Encryption Module

Implement the encCreateCtxt function to initialize the external encryption module. Oracle Database Lite invokes this function when initializing encryption. This function returns an encryption context handle to Oracle Database Lite, which Oracle Database Lite passes back on all subsequent API calls. The context handle is declared as a void*, so that you can make it any type of structure you desire.

extern "C" __declspec(dllexport) void* encCreateCtxt()

14.3.1.2 Delete Encryption Context

When Oracle Database Lite is finished with the encryption module, it invokes the encDeleteCtxt function to delete the encryption context—which was created with the encCreateCtxt function.

ctx—The encryption context, which is created in the encCreateCtxt function.

data—Pointer to the data to be decrypted.

len—Length of the data in bytes.

out—Output buffer.

This function returns the number of bytes copied to the output buffer.

14.3.2 Plug-In Custom Encryption Module

Once implemented, you can plug in your custom encryption module by adding the [All Databases] section to the POLITE.INI configuration file. You must implement your encryption module either as a DLL for the Windows environment or as a Shared Object (.SO) for the UNIX environment.

For example, if you created the encryption module as a DLL called my_enc.dll, which is located in the C:\my_dir directory, then you would add this module as the default encryption module in the POLITE.INI configuration file, as follows:

[All Databases]
EXTERNAL_ENCRYPTION_DLL=C:\my_dir\my_enc.dll
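
The following audit script is an added example, not part of the original documentation or of Oracle Database Lite. It reads POLITE.INI text and reports whether ENCRYPTDB is set in the SYNC section and whether EXTERNAL_ENCRYPTION_DLL in [All Databases] names an absolute path. Assumptions: the function name, both sample files and the ENCRYPTDB placeholder value are constructed, and treating a non-absolute module path as a finding is this example's own rule.

```python
import configparser
from pathlib import PurePosixPath, PureWindowsPath

# Constructed sample: no ENCRYPTDB, module named without a directory.
SAMPLE_WEAK = r"""
[All Databases]
EXTERNAL_ENCRYPTION_DLL=my_enc.dll

[SYNC]
"""

# Constructed sample: the module path from the example above. The ENCRYPTDB
# value is a placeholder; this page does not list the accepted values.
SAMPLE_PAGE = r"""
[All Databases]
EXTERNAL_ENCRYPTION_DLL=C:\my_dir\my_enc.dll

[SYNC]
ENCRYPTDB=PLACEHOLDER_VALUE
"""

def audit_polite_ini(text):
    """Return (severity, message) findings for the encryption settings."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False,
                                    allow_no_value=True, delimiters=("=",))
    cfg.read_string(text)
    # Section names are compared case-insensitively here; configparser
    # already lower-cases the parameter names.
    sections = {name.upper(): cfg[name] for name in cfg.sections()}
    findings = []
    if not sections.get("SYNC", {}).get("encryptdb"):
        findings.append(("WARN", "ENCRYPTDB is not set in [SYNC]: snapshot "
                         "ODB files are not encrypted automatically"))
    dll = sections.get("ALL DATABASES", {}).get("external_encryption_dll")
    if dll:
        is_abs = (PureWindowsPath(dll).is_absolute()
                  or PurePosixPath(dll).is_absolute())
        if is_abs:
            findings.append(("INFO", f"custom module {dll} is the default "
                             "encryption module; confirm it is the reviewed "
                             "build and only administrators can write to it"))
        else:
            findings.append(("WARN", f"EXTERNAL_ENCRYPTION_DLL={dll} is not "
                             "an absolute path (assumed finding: the file "
                             "loaded may depend on the library search order)"))
    return findings

if __name__ == "__main__":
    for name, text in (("weak", SAMPLE_WEAK), ("page", SAMPLE_PAGE)):
        for severity, message in audit_polite_ini(text):
            print(name, severity, message)
```
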

14.4 Pre-Configure Branch Office Passwords

When you install the Branch Office Manager on the Windows machine, it creates the OracleDatabaseLite user account with the minimum set of privileges required to execute the Oracle Database Lite software. This prevents Oracle Database Lite Branch Office from executing under the SYSTEM account, which has broad privileges within the system and can make the system vulnerable.

Both the 'Oracle Lite Multiuser Service', which is created during installation, and the normal Web-to-Go service execute under the privileges of the OracleDatabaseLite user. The Oracle Lite Multiuser Server enables remote clients to connect to the Oracle Lite database.